• Over 623 million ransomware attacks globally, an astounding 105% increase
  • Ransomware volume increased 232% since 2019
  • U.S., U.K. ransomware climbed staggering 98% and 227%, respectively
  • Log4j vulnerability exploits eclipsed 142 million in six weeks
  • 65% increase in ‘never-before-seen’ malware variants identified
  • Encrypted threats increased 167% year-over-year
  • Record 97.1 million cryptojacking attacks found

MILPITAS, Calif. — February 17, 2022 — SonicWall, the publisher of the world’s most quoted ransomware threat intelligence, today released the 2022 SonicWall Cyber Threat Report. The bi-annual report details a sustained meteoric rise in ransomware with 623.3 million attacks globally. Nearly all monitored threats, cyberattacks and malicious digital assaults rose in 2021 including: ransomware, encrypted threats, IoT malware and cryptojacking.

“Cyberattacks become more attractive and potentially more disastrous as dependence on information technology increases,” said SonicWall President and CEO Bill Conner. “Securing information in a boundless world is a near impossible and thankless job, especially as the boundaries of organizations are ever-expanding to limitless endpoints and networks.”

Ransomware’s Savage Reign Continues as Attacks Increase 105%
SonicWall Capture Labs threat researchers diligently tracked the dramatic rise in ransomware, recording an astounding 318.6 million more ransomware attacks than 2020, a 105% increase. Ransomware volume has risen 232% since 2019.

High-profile ransomware attacks impacted businesses, state and federal governments, schools, hospitals and even individuals. Attacks hit supply chains, causing widespread system downtime, economic loss and reputational damage. Following global trends, all industries faced large increases of ransomware volume, including government (+1,885%), healthcare (755%), education (152%) and retail (21%).

As Cyberattack Vectors Expand, Malicious Assaults Climb
The frequency and variety of cyberattacks continue to expand every year, with an increasing cost to organizations worldwide. SMBs and enterprises are progressively threatened by an assortment of cyberattacks, and without knowing what they are, or how cybercriminals operate, protecting business-critical data from cyberattacks becomes unmanageable.

“Attacks on networks rose to a fever pitch in 2021,” said SonicWall Vice President of Platform Architecture Dmitriy Ayrapetov. “Ransomware, cryptojacking, vulnerably exploitation, phishing and other attacks continue to plague organizations around the world and overwhelm security teams. It’s important to understand the breakdown of these attacks and why they continue to be successful, as well as the drivers and trends behind them.”

Insight on additional cyber threats include:

  • Apache Log4j vulnerabilities were quickly exploited, with threat actors logging 142.2 million exploit attempts between Dec. 11 and Jan. 31 — an average of 2.7 million each day. Within three days of the public disclosure, exploit attempts had already passed the 1 million mark.
  • Malware volume was slightly down again in 2021, marking both a third-straight year of decrease as well as a seven-year low. However, an uptick in attacks during the second half of 2021 almost completely erased the 22% drop in malware that SonicWall had recorded at the mid-year point, bringing the total decrease for 2021 to just 4% — suggesting malware numbers may rebound in 2022.
  • Encrypted threats increased 167% year-over-year. In August, the number of encrypted attacks broke the 1 million mark for the first time, then continued to rise, reaching nearly 2.5 million by year’s end.
  • Cryptojacking continued to surge last year, rising 19% globally to 97.1 million, which is the most attacks that SonicWall Capture Labs threat researchers have ever recorded in a single year.
  • IoT malware volume rose 6% in 2021, totaling 60.1 million hits by year’s end. While this isn’t good news, it’s at least better than it has been: In 2019 and 2020, IoT malware volume rose 218% and 66%, respectively. With no corresponding slowdown in the proliferation of connected devices, this suggests that attack volumes may be leveling off.

Smarter Than Ever, RTDMI Discovered 65% More ‘Never-before-seen’ Malware Variants
SonicWall’s patented Real-Time Deep Memory InspectionTM (RTDMI) technology identified a total of 442,151 never-before-seen malware variants in 2021, a 65% year-over-year increase and an average of 1,211 per day. In Q4, RTDMI found more never-before-seen malware variants than in any quarter since its introduction in 2018.

SonicWall Advanced Threat Protection (ATP) with RTDMI recently earned its fourth consecutive ‘perfect score’ in the ICSA Labs ATD testing for Q4 2021. ICSA Labs is an independent third party that tested SonicWall’s solutions using never-before-seen malware samples, and over the course of the entire year (2021) SonicWall technology did not miss a single malware sample nor produced one false positive.

To learn more about SonicWall and get the complete 2022 SonicWall Cyber Threat Report, please visit sonicwall.com/ThreatReport.

About SonicWall Capture Labs
SonicWall Capture Labs threat researchers gather, analyze and vet cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 215 countries and territories. SonicWall Capture Labs, which pioneered the use of artificial intelligence for threat research and protection over a decade ago, performs rigorous testing and evaluation on this data, establishes reputation scores for email senders and content, and identifies new threats in real-time.

About SonicWall
SonicWall delivers Boundless Cybersecurity for the hyper-distributed era in a work reality where everyone is remote, mobile and unsecure. SonicWall safeguards organizations mobilizing for their new business normal with seamless protection that stops the most evasive cyberattacks across boundless exposure points and increasingly remote, mobile and cloud-enabled workforces. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes the cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Latest Stories

" alt="" />
November 6, 2024

SonicWall Unveils TZ80: Empowering Service Providers to Deliver Comprehensive Security, Remote Access and Networking Solutions for Branch Offices and SOHO

More Than a Firewall: SonicWall Introduces Integrated Cybersecurity Platform with the TZ80 at the Core of the Market’s Next-Gen SOHO Solution, Featuring: Industry-First Warranties, Cloud Native VPN, Firewall Management and Flexible Pricing MILPITAS, Calif. — November 7, 2024 — SonicWall announced today the launch of the TZ80, a groundbreaking security solution designed specifically for branch offices and small office/home office (SOHO) environments. With its comprehensive, cost-effective package of networking, access, and security solutions, the TZ80 is a subscription-based device designed for service providers and value-added resellers (VARs) – and is set to revolutionize the way they deliver cybersecurity. The SonicWall TZ80 combines performance and price and provides industry leading networking and security capabilities, with advanced threat protection at a low total cost of ownership (TCO), making the TZ80 ideal for branch offices with remote workers, SOHO, IoT, and businesses with small form-factor requirements. This best-in-class firewall platform features built-in integration with cloud-native zero trust network access (ZTNA) and VPN as a service (VPNaaS) for hybrid environments and is backed by world-class technical support, available firewall management and network monitoring, and an industry-first cyber threat warranty. “The TZ80 is more than a firewall; it embodies the future of cybersecurity for managed service providers and their customers,” said SonicWall President and CEO Bob VanKirk. “With this launch, we’re transforming network security by integrating on-premise, hybrid, and cloud technologies into a cohesive solution. Our unified approach enhances security and performance while protecting customer data with modern cloud management and backed by expert services to keep our partners secure in today’s evolving threat landscape.” MSPs can complement their existing firewall monitoring and network operations center (NOC) to enhance their services with SonicWall’s managed security services, who work behind the scenes as a force multiplier for SonicWall partners. The Managed Protection Services Suite (MPSS) bundle provides management for TZ80 devices, with remote implementation, firmware and vulnerability management, and system health monitoring to help MSPs ensure that their customers employ best practices and stay up-to-date for the highest level of protection in today’s threat landscape. “We’ve been looking for a solution like the TZ80, and it’s exciting to see SonicWall deliver precisely what we need,” said President/CEO and SonicWall partner Brian A. Reed of Firewalls.com. “This opens up significant opportunities in the SOHO market for us, and the bundled cloud native VPN adds tremendous value, while the pay-as-you-go model makes it even more accessible. Additionally, the MPSS bundle enhances our offering and helps us stay focused on the core of our business, ensuring our clients stay secure.” To further enhance the value proposition, SonicWall will offer industry-first cybersecurity warranties for the TZ80 and other SonicWall front-line defense products certified by Cysurance. These warranties will help supplement insurance coverage by providing cash for covering deductibles or other out of pocket expenses before insurance kicks in. SonicWall will offer warranties for the TZ80 and other certified products as follows: $100K for a qualifying firewall $200K for a qualifying managed firewall Additionally, SonicWall is excited to introduce its latest and new "3 & Free" promotion. This promotion includes cloud native VPN licenses along with a free next-gen firewall. When purchasing a 3-year Advanced Protection Services Suite (APSS) or Essential Protection Services Suite (EPSS) customers get more than just free firewalls - they also gain comprehensive protection from latest cyber threats. SonicWall remains dedicated to equipping its partners with the tools they need to deliver security outcomes in a rapidly evolving cybersecurity landscape. The TZ80 represents a significant leap forward in delivering scalable, and integrated security solutions via our MSPs for branch offices and SOHO environments. To learn more about SonicWall’s TZ80, the full offering, new warranties and promotions please visit https://www.sonicwall.com/products/firewalls/soho. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />

Infinigate and SonicWall Expand Partnership Across Eastern Europe

SonicWall and Infinigate extend their successful collaboration to cover the Eastern European region, including Balkan countries.   Rotkreuz, Switzerland – November 6, 2024: The Infinigate Group, the leading technology platform and trusted advisor in cybersecurity, cloud and network infrastructure, and SonicWall, a leading cybersecurity innovator and partner-first company, are extending their partnership across Eastern Europe. Infinigate will distribute SonicWall’s entire advanced portfolio of network and endpoint security, Cloud Secure Edge (CSE) and Managed Security Services (MSS) offering channel partners effective solutions to meet the ever-evolving requirements of a broad customer base – from SMB through to enterprise organisations. Spencer Starkey, Executive Vice President at SonicWall said: “The Eastern European market presents a strong opportunity for growth and Infinigate, in view of our long-standing successful collaboration and their reach and experience in this geographical area, is absolutely the right distribution partner for us. Being a channel-first organisation, we value Infinigate’s specialist focus and their technical and market knowledge.” Protecting your business from escalating cyber-attacks has become a priority, as illustrated in Sonic Wall’s 2024 Mid-Year Cyber-Threat Report. Ransomware is on the rise in the Americas, while EMEA is pulling the global numbers down, suggesting improved cybersecurity measures and law enforcement interventions are having a positive impact. “We are delighted to build on our long-standing success with SonicWall and leverage the full potential of this growing region, where cybersecurity is high on the agenda, as illustrated by the NIS2 readiness statistics,” said Denis Ferrand Ajchenbaum, Chief Growth Officer at Infinigate Group and Managing Director of Infinigate Cloud. “As a leading Managed Security Services Distributor, we value SonicWall’s range of managed security services that considerably strengthen our offering in the region,” he added. Doru Manea, RVP East at Infinigate commented: Doru Manea, RVP East at Infinigate, commented: “Bringing SonicWall into our regional portfolio strengthens our ability to support our channel partners across Eastern Europe. With SonicWall’s expertise in cybersecurity, we can better equip our partners to meet the security needs of businesses in this market. Our channel reach and the strong cybersecurity culture in the region are a solid basis for our shared success” About Infinigate The Infinigate Group, the leading technology platform and trusted advisor in Cybersecurity, Cloud & Network Infrastructure covers over 100 countries across EMEA, Australia and New Zealand. In the 2023-2024 financial year the Infinigate Group revenue reached 2.3B€. Our focus and deep technical expertise on cybersecurity, secure networks and secure cloud for SMB and enterprise set us apart. Our 1,250 employees provide locally tailored services complementing a robust central supply chain, sparking growth for our partners, MSSPs and vendors. In 2022, Starlink, Vuzion (now Infinigate Cloud) and Nuvias became part of the Infinigate Group. In 2024, Wavelink became an Infinigate Group company, adding coverage for the Australian and New Zealand (ANZ) market. For additional information please visit www.infinigate.com About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
October 31, 2024

Government Organizations Face Surge in Malware and DDoS Attacks, Raising Alarms Over Potential Election Disruption

Newest report highlights some escalating risks to critical infrastructure as election day approaches MILPITAS, Calif. — October 31, 2024 — SonicWall released its latest threat brief focused exclusively on governments, reporting a staggering 236% year-over-year increase in malware-related attacks against government organizations globally during the first quarter of 2024. This alarming trend coincides with a notable 27% rise in attacks in the month leading up to the upcoming election, underscoring the urgent need for enhanced security measures. SonicWall's comprehensive threat intelligence reveals a 33% increase in attacks related to the software supply chain since the start of the year. Additionally, DDoS (Distributed Denial of Service) attacks are on track to surpass last year's figures by 32% - underscoring the escalating risks to critical infrastructure as election day approaches. “As attackers continue to attack critical government services and election-related systems, the importance of multi-layered cybersecurity measures cannot be overstated,” said Executive Director of Threat Research Doug McKee. "In a rapidly evolving threat landscape, the stakes have never been higher. We must  embrace cross-industry collaboration and threat intelligence information sharing  to ensure the integrity of our electoral processes and protect our vital infrastructure from those seeking to exploit  these systems. "  Rising Threats to Election Security The recent Hezbollah pager supply chain attack serves as a stark reminder of how easily everyday devices can be exploited to launch significant cyberattacks. As attackers target seemingly innocuous devices lacking stringent security protocols, the risk extends to critical election infrastructure. For instance, compromised IP cameras, frequently utilized at polling locales, could be weaponized or compromised to disrupt essential operations. SonicWall data highlights the pressing need for vigilance, as the company has successfully thwarted over 12.9 million attacks targeting IP cameras this year alone. These devices, often overlooked in cybersecurity strategies, present an enticing entry point for cybercriminals aiming to undermine public trust in the electoral process.  The Vulnerability of IoT Devices The growing reliance on Internet of Things (IoT) devices within government operations raises significant concerns. Many of these devices, including security systems and smart sensors, lack robust defenses, making them attractive targets for malicious actors. SonicWall emphasizes the urgent need for organizations to implement rigorous security measures to protect against the exploitation of vulnerable devices. The potential consequences of these vulnerabilities extend far beyond traditional cybersecurity threats, threatening the integrity of national infrastructure and electoral security. Call to Action As the election approaches, SonicWall urges government organizations to prioritize cybersecurity by strengthening their defenses against malware and DDoS attacks. By implementing advanced security solutions and enhancing awareness of IoT vulnerabilities, organizations can better safeguard their operations against these escalating threats. For more information about SonicWall and see the Government Threat Brief, please visit https://www.sonicwall.com/resources/brief/2024-threat-brief-government. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Read More
" alt="" />
September 25, 2024

SonicWall Report Details 14 Million Victims of Malware Breaches in the U.S. Healthcare Sector

SonicWall discovers 91% of healthcare breaches involve ransomware in 2024 - underscoring the urgent need for improved cybersecurity and strong partnerships with MSPs/MSSPs MILPITAS, Calif. — September 26, 2024 — SonicWall today unveiled a 2024 SonicWall Threat Brief, focused exclusively on the healthcare industry and is based on extensive research from SonicWall Capture Labs. The report reveals that a minimum of 14 million patients in the U.S. have fallen victim to malware breaches in this sector. Despite SonicWall sensors successfully preventing over 26,000 attacks, the findings underscore that healthcare organizations, due to their essential operations and potential for financial gain, remain prime targets for ransomware. Many healthcare organizations operate with limited cybersecurity resources and often rely on outdated technology – making them susceptible to ransomware attacks. SonicWall also determined that an astounding 60% of vulnerabilities were leveraged against Microsoft Exchange. "Understanding the threat landscape is crucial for the healthcare industry to effectively defend against cyberattacks,” said Executive Director, Threat Research at SonicWall Doug McKee. “As ransomware evolves and targets sensitive patient data, organizations must stay informed about emerging threats and vulnerabilities. By equipping themselves with knowledge and robust security measures, healthcare providers can better protect their critical operations and ensure the safety of patient information." Disrupting access to patient data or medical systems can have life-threatening consequences. Because of this, healthcare organizations are more likely to pay ransoms to restore operations quickly. In 2024, ransomware was leveraged in 91% of malware-related data breaches in the healthcare sector, with Lockbit emerging as one of the most notorious ransomware groups targeting this industry. The increasing digitalization of health records and telehealth services further expands the attack surface, making it nearly impossible for healthcare organizations to go it alone. Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) should play a vital role in the healthcare industry by delivering specialized expertise and resources that many organizations lack. As cyber threats become increasingly sophisticated, MSPs/MSSPs can implement robust security measures, monitor systems in real-time, and ensure compliance with regulatory standards. Their proactive approach to cybersecurity helps healthcare providers defend sensitive patient data, minimize downtime, and focus on delivering quality care, ultimately enhancing the resilience of the entire healthcare ecosystem. To learn more about SonicWall’s finding in its 2024 SonicWall Threat Brief, please visit www.sonicwall.com/resources/brief/2024-threat-brief-healthcare. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram. About SonicWall Capture Labs SonicWall Capture Labs threat researchers gather, analyze and vet cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 215 countries and territories. SonicWall Capture Labs, which pioneered the use of artificial intelligence for threat research and protection over a decade ago, performs rigorous testing and evaluation on this data, establishes reputation scores for email senders and content, and identifies new threats in real-time.

Read More